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REMARKS 



The above amendment and these remarks responsive to the 
Office Action of Examiner Mareisha N. Winters, dated 9 July 
2003. 

Claims 1-19 are in the case, none as yet allowed* 



Claims 1-19 have been rejected under 35 U.S.C. 103(a) 
over U.S. Patent 6,473,800 (Jerger) in view of U.S. Patent 
5, 974, 549 (Golan) . 

Jerger describes an ActiveX construct. 

Golan describes running sandboxed code side -by- side 
(e.g,, applets) where the end-user can define the level of 
execution allowed (e.g. the applet is allowed to write files 
or not) . 
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Applicants assert that it is not an obvious construct 
to add the Golan concept to Jerger's ActiveX teachings to 
reach the claims in the present application. Applicants' 
claims differ in at least the following: 

1. In applicants' invention, the administrator, not 
the end user, determines what the sandboxed code gets to do. 
Applicants' claimed trust model inherently is about the end 
user deciding to trust the administrator (that is, server) , 
not the code-author (as is the case with Golan and Jerger) 
to determine the rights -level of the code executing on the 
client machine. 

2. In applicants' invention, the administrator can 
subsequently turn up/down the rights level of the code. 
Basically, applicants' model is a security partitioning for 
w grid-style" processing (a term which has been added to the 
art subsequent to applicants' filing, but refers to the 
concept applicants claim) . In such "grid- style" processing, 
a secured portion of the end-user's machine is "borrowed" to 
run whatever the website, or server, administrator wants to 
run. The essential difference shows up in the administrator 
control at the server, which is not at all taught by Golan 
or Jerger. 
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In applicants invention, the user determines if the 
site (server, administrator) is to be trusted, and if 
trusted, the administrator, or server, controls what is to 
be loaded to and executed at the client. See applicants' 
specification, page 4, lines 6-19; page 103 , line 12 to page 
105, line 8. 



On this point of having a trusted server control 
download, the Examiner states: 



"said server site responsive to said user accepting 
said server site as trusted for centrally administering 
security policies for said services and programs 
(column 7, lines 1-9).* (Office Action, page 3, lines 
17-18,) 



However, Golan says: 



"The secure monitor DLL, however, constructs a secure 
sandbox that monitors all the APIs that can be used to 
breach secuirty, e.g., file and disck access, system 
modifications, network connections, etc. whenever such 
an API is called directly or indirectly by the 
downloadable software component, the secure monitor DLL 
determines whether a security breach is being 
attempted. This determination is based on the API 
called, the parameters passed to it and a user 
configurable security policy. " (Golan, Col. 7, lines 1- 



The operation of Golan is described in the Abstract, which 



9) . 



states : 
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n The present invention is a method of creating a secure 
sandbox within which a plurality of downloaded software 
components can execute in a secure manner... The 
invention implements a security monitor that is 
injected to the address space of an arbitrary monitored 
application such as a Web browser... The monitored 
application then executes in a secure mode in which 
every software component downloaded executes in a 
secure sandbox. The security monitor detects when such 
a software component is downloaded and is operative to 
create the sandbox around it before it is permitted to 
execute. If the software component attempts to commit 
an action that breaches security, it halts the software 
component's execution and issues a warning to the 
user," (Golan, Abstract.) 



Applicants have amended each of the independent claims to 
make clear that the administrator (server) , once accepted as 
trusted by the client, controls what services are executed 
at the client. 



Applicants request that the amendments to the claims be 
entered, and claims 1-19 be allowed. 
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SUMMARY AMD CONCLUSION 



Applicants urge that the above amendments be entered 
and the case passed to issue with claims 1-19. 

If, in the opinion of the Examiner, a telephone 
conversation with applicant (s) attorney could possibly 
facilitate prosecution of the case, he may be reached at the 
number noted below. 



Sincerely, 



Carl J„ Kraenzel, et al . 



By 




Shelle^ M /Beck's 
Reg. No. 24 7 886 



Date: 



9 Oct 2003 



RECEIVED 
CENTRAL FAX CEMTER 

OCT 1 0 2003 



Shelley M BecJcstrand, P.C. 



Attorney at Law 
314 Main Street 
Owego, NY 13827 



Phone : 
Fax: 



(607) 687-9913 
(607) 687-7848 




LOT920000O11US1 



S/N 09/596, 745 



Received from < 607 687 7848 > at 10/9/03 4:23:30 PM [Eastern Daylight Time] 



